May 28, 2004

it works, so why change it?

I had a chat with a fellow netadmin. He has recenly changed employers and the setup at his new job is really messy. Slowly but surely he cleans things up.

The situation he run in brings a lot of memories and ideas to mind and is to some degree funny. If you are a techie you'll certainly enjoy it.

Read on...
Here's the original (slightly modified to protect the inoscent) translated to english chat log. Read the human translation below.
friend says:
hi, i need quick help
if you have 2 min

boyan says:

friend says:
what was the statement not to store config in nvram, but in flash?
i am running out of nvram on one box
Building configuration...

%No memory available
% Warning: Saving this config to nvram may corrupt any network management or security files stored at the end of nvram.
Continue? [no]: 

boyan says:
copy running-config filesystem:filename
how about service compressed-config

friend says:
already there

boyan says:
there is no way to tell the router to load the config directly from flash when it boots
as far as I know

friend says:
i *think* i've read somewhere that it's possible
but thanks, anyway
i will let you know if i figure it out

boyan says:
and... clean up your config ..

friend says:
easier said than done
-rw-      -220KB- -date- -filename-
it's one big config, eh?  

boyan says:
I know  
biggie. the biggest I've seen was about 170K

friend says:
this is config of some -router-
it has static -config line- for every -customer-

boyan says:
akhm... how about something dynamic ?

friend says:
i know
working on it

boyan says:
is that config at least generated ?
or hand-edited ?

friend says:
boot config flash: somefile

boyan says:
so you need to put that into the nvram config and when the boot image loads it it will tell the real IOS to load the flash config when it boots
is that the way it works ?

friend says:
still trying to figure it out, because this boot config is not available on this box  
back to drawing board

boyan says:
do they ever remove -config lines-?

friend says:
now, that's a damn good one...
i think so
they do  
a secretary "has a program" and she just runs it, "put some -config line- and then just put it all in the program and i confirmn it with wr"
goddamn scary!!!

boyan says:
and the program is telnet.exe ?

friend says:
i would be almost sure it is
i don't even want to dare take a look

boyan says:
go take a look it will be funny to know

friend says:
-router- is down now  
some people thought reboot will fix startup-config  
( i ewven bet the lunch that it won't )
anyway, talk to you later. i need to fix this
i need beer
she goes: start/run/telnet x.x.x.x

boyan says:
noooo way

friend says:
i bullshit you not!

boyan says:
I'm blogging this ...
no names

friend says:
anyway, need to go fix this. talk to you later

boyan says:

friend says:
god almighty  
it IS funny, isn't it?  

boyan says:
it is. it's like these BOFH jokes

friend says:
it'a actually unbelievable
reloaded the damn thing
copy saved running
( 2 minutes )
and it compressed it to 50K
sometimes i really hate cisco

My friend discovered today a very interesting procedure used at his work for adding configuration lines related to customers on a device in their network.

The cisco device in question has grown a configuration of about 200KB, which it couldn't store in it's nvram(the usual placeholder for configurations on a cisco router). And he had to find a way to make it work. While working on it he discovered that a non-technical person (the secretary) was given the passwords for the device in order for her to add "customers" to it.

So their procedure for adding a customer was in fact
1. telnet to the device
2. conf t, some configuration lines
3. save configuration

It is pretty obvious that managing a 200KB (roughly 10000 lines) configuration text file containing configuration for about 5000 customers by hand is crazy. The amounts of human mistakes that will build up in the configuration over time is simply unacceptable. So you get effects like a constantly growing configuration file, non-paying customers still being provided with a service and new paying customers calling in because their service does not work. Cleaning up this mess is every netadmin's nightmare.

Unfortunately, this is the way things "just work" in most places. Posted by boyan at May 28, 2004 02:17 PM